[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:0660-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":174,"epss":9,"epss_history":175,"metrics":176,"affected":177},"SUSE-SU-2018:0660-1","Security update for the Linux Kernel\n\n\n\nThe SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (bnc#1068032).\n\n  The previous fix using CPU Microcode has been complemented by building the Linux Kernel with return trampolines aka 'retpolines'.\n\n- CVE-2018-5332: In the Linux kernel the rds_message_alloc_sgs() function did not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c) (bnc#1075621).\n- CVE-2018-5333: In the Linux kernel the rds_cmsg_atomic function in net/rds/rdma.c mishandled cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2017-18017: The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel allowed remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action (bnc#1074488).\n- CVE-2017-18079: drivers/input/serio/i8042.c in the Linux kernel allowed attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated (bnc#1077922).\n- CVE-2017-17741: The KVM implementation in the Linux kernel allowed attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (bnc#1073311).\n- CVE-2017-13215: A elevation of privilege vulnerability in the Upstream kernel skcipher. (bnc#1075908).\n- CVE-2018-1000004: In the Linux kernel a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition (bnc#1076017).\n\nThe following non-security bugs were fixed:\n\n- cdc-acm: apply quirk for card reader (bsc#1060279).\n- Enable CPU vulnerabilities reporting via sysfs\n- fork: clear thread stack upon allocation (bsc#1077560).\n- kaiser: Set _PAGE_NX only if supported (bnc#1012382, bnc#1076278).\n- kbuild: modversions for EXPORT_SYMBOL() for asm (bsc#1074621 bsc#1068032).\n- Move kABI fixup for retpolines to proper place.\n- powerpc/vdso64: Use double word compare on pointers (bsc#1070781).\n- s390: add ppa to the idle loop (bnc#1077406, LTC#163910).\n- s390/cpuinfo: show facilities as reported by stfle (bnc#1076849, LTC#163741).\n- storvsc: do not assume SG list is continuous when doing bounce buffers (bsc#1075410).\n- sysfs/cpu: Add vulnerability folder (bnc#1012382).\n- sysfs/cpu: Fix typos in vulnerability documentation (bnc#1012382).\n- sysfs: spectre_v2, handle spec_ctrl (bsc#1075994 bsc#1075091).\n- x86/acpi: Handle SCI interrupts above legacy space gracefully (bsc#1068984).\n- x86/acpi: Reduce code duplication in mp_override_legacy_irq() (bsc#1068984).\n- x86/boot: Fix early command-line parsing when matching at end (bsc#1068032).\n- x86/cpu: Factor out application of forced CPU caps (bsc#1075994 bsc#1075091).\n- x86/cpu: Implement CPU vulnerabilites sysfs functions (bnc#1012382).\n- x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).\n- x86/kaiser: Populate shadow PGD with NX bit only if supported by platform (bsc#1076154 bsc#1076278).\n- x86/kaiser: use trampoline stack for kernel entry.\n- x86/microcode/intel: Disable late loading on model 79 (bsc#1054305).\n- x86/microcode/intel: Extend BDW late-loading further with LLC size check (bsc#1054305).\n- x86/microcode/intel: Extend BDW late-loading with a revision check (bsc#1054305).\n- x86/microcode: Rescan feature flags upon late loading (bsc#1075994 bsc#1075091).\n- x86/retpolines/spec_ctrl: disable IBRS on !SKL if retpolines are active (bsc#1068032).\n- x86/spec_ctrl: handle late setting of X86_FEATURE_SPEC_CTRL properly (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: fix ordering in IBRS initialization (bsc#1075994 bsc#1075091).\n- x86/spectre_v2: nospectre_v2 means nospec too (bsc#1075994 bsc#1075091).\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2017-13215",{"_key":17},"CVE-2017-17741",{"_key":19},"CVE-2017-18017",{"_key":21},"CVE-2017-18079",{"_key":23},"CVE-2017-5715",{"_key":25},"CVE-2018-1000004",{"_key":27},"CVE-2018-5332",{"_key":29},"CVE-2018-5333",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2018-03-12T06:47:24Z","2026-02-04T03:24:47.329808Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,97,101,105,109,113,117,121,125,129,133,137,141,146,150,154,158,162,166,170],{"url":47,"sources":48,"tags":50},"https://www.suse.com/support/update/announcement/2018/suse-su-20180660-1/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1012382",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1054305",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1060279",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1068032",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/1068984",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/1070781",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/1073311",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/1074488",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1074621",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/1075091",[49],[56],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/1075410",[49],[56],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/1075617",[49],[56],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/1075621",[49],[56],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/1075908",[49],[56],{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/1075994",[49],[56],{"url":114,"sources":115,"tags":116},"https://bugzilla.suse.com/1076017",[49],[56],{"url":118,"sources":119,"tags":120},"https://bugzilla.suse.com/1076154",[49],[56],{"url":122,"sources":123,"tags":124},"https://bugzilla.suse.com/1076278",[49],[56],{"url":126,"sources":127,"tags":128},"https://bugzilla.suse.com/1076849",[49],[56],{"url":130,"sources":131,"tags":132},"https://bugzilla.suse.com/1077406",[49],[56],{"url":134,"sources":135,"tags":136},"https://bugzilla.suse.com/1077560",[49],[56],{"url":138,"sources":139,"tags":140},"https://bugzilla.suse.com/1077922",[49],[56],{"url":142,"sources":143,"tags":144},"https://www.suse.com/security/cve/CVE-2017-13215",[49],[145],"WEB",{"url":147,"sources":148,"tags":149},"https://www.suse.com/security/cve/CVE-2017-17741",[49],[145],{"url":151,"sources":152,"tags":153},"https://www.suse.com/security/cve/CVE-2017-18017",[49],[145],{"url":155,"sources":156,"tags":157},"https://www.suse.com/security/cve/CVE-2017-18079",[49],[145],{"url":159,"sources":160,"tags":161},"https://www.suse.com/security/cve/CVE-2017-5715",[49],[145],{"url":163,"sources":164,"tags":165},"https://www.suse.com/security/cve/CVE-2018-1000004",[49],[145],{"url":167,"sources":168,"tags":169},"https://www.suse.com/security/cve/CVE-2018-5332",[49],[145],{"url":171,"sources":172,"tags":173},"https://www.suse.com/security/cve/CVE-2018-5333",[49],[145],[],[],[],[178,191,196,200,205,209,214,218,223,227,232,236,241,245,250],{"ecosystem":179,"name":180,"vendor":181,"product":182,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":182,"source":9,"versions":184},"SUSE Linux Enterprise","kernel-bigsmp","suse","kernel-bigsmp&distro=SUSE Linux Enterprise Server 11 SP3-LTSS","rpm",[185],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},"lt3_0_101_0_47_106_19_1",true,"ecosystem","3.0.101-0.47.106.19.1","excluding",{"ecosystem":179,"name":192,"vendor":181,"product":193,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":193,"source":9,"versions":194},"kernel-default","kernel-default&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[195],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":192,"vendor":181,"product":197,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":197,"source":9,"versions":198},"kernel-default&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[199],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":201,"vendor":181,"product":202,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":202,"source":9,"versions":203},"kernel-ec2","kernel-ec2&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[204],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":201,"vendor":181,"product":206,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":206,"source":9,"versions":207},"kernel-ec2&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[208],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":210,"vendor":181,"product":211,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":211,"source":9,"versions":212},"kernel-pae","kernel-pae&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[213],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":210,"vendor":181,"product":215,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":215,"source":9,"versions":216},"kernel-pae&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[217],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":219,"vendor":181,"product":220,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":220,"source":9,"versions":221},"kernel-source","kernel-source&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[222],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":219,"vendor":181,"product":224,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":224,"source":9,"versions":225},"kernel-source&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[226],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":228,"vendor":181,"product":229,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":229,"source":9,"versions":230},"kernel-syms","kernel-syms&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[231],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":228,"vendor":181,"product":233,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":233,"source":9,"versions":234},"kernel-syms&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[235],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":237,"vendor":181,"product":238,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":238,"source":9,"versions":239},"kernel-trace","kernel-trace&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[240],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":237,"vendor":181,"product":242,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":242,"source":9,"versions":243},"kernel-trace&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[244],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":246,"vendor":181,"product":247,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":247,"source":9,"versions":248},"kernel-xen","kernel-xen&distro=SUSE Linux Enterprise Point of Sale 11 SP3",[249],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9},{"ecosystem":179,"name":246,"vendor":181,"product":251,"cpe_part":9,"purl_type":183,"purl_namespace":181,"purl_name":251,"source":9,"versions":252},"kernel-xen&distro=SUSE Linux Enterprise Server 11 SP3-LTSS",[253],{"version":186,"is_range":187,"range_type":188,"version_start":9,"version_start_type":9,"version_end":189,"version_end_type":190,"fixed_in":9}]